Case Study Assignment – Moving to the Cloud SOLUTION

Case Study Assignment - Moving to the Cloud SOLUTION

Sections of report

  • Introduction (what is the cloud, benefits of cloud computing etc)
  • Identifying security threats currently (review current network and identify security threats)
  • Analysis of Cloud Adoption (critically analyse the approach of moving to the cloud, including security threats and solutions)
  • Proposal (a security solution proposed and how it can help)
  • Business continuity plan (suggest a business continuity plan for more secured and reliable architecture)
  • Conclusion (summary of work done and how it helps).

More information below of what is expected to be researched, use information below to relate to the paper. 3000 words approximate total word count, also make sure it is referenced to Harvard guidelines and ALL work cited is referenced and paraphrased (the less use of quotations is better, paraphrasing others ideas and work is ideal to give an opinion on it), make sure work is critically analytical, so that an opinion comes across.

Potential things to look into – NETWORK HARDENING, ACCESS CONTROL AND AUTHENTICATION (SUCH AS RADIUS SERVERS), FIREWALL, INTRUSION DETECTION SYSTEM, INTRUSION PREVENTION SYSTEM, DEMILITARIZED ZONE (NETWORKS), VPN, IPSec, PKI

There are two kinds of people in the world: Those who have lost critical data, and those who will. In other words, if you use technology long enough and neglect to back up your data, you’re guaranteed to have at least one extremely bad day. Whether it’s theft, loss, fire, flood, corruption, or some form of malware, a single incident can destroy the lion’s share of your family photos, personal documents, address books, years-in-the-making music library, and more.

That’s what ELKIN would like to avoid by planning a good storage and security solution. ELKIN is an online photo printing, personalised gifts and design company with 1000 employees spreads over three sites in the UK: Nottingham, Leicester and London.

  • The head office is in London, there are six departments in the head office: IT, Human Resource, Management, Marketing, Sales and Finance.
  • The Leicester branch site has: IT, management and manufacturing departments.
  • The design and creative team is located in Nottingham. This team is small (15 employees), so they engage freelancers when they need it.  The Hiring Manager can select Freelancers and negotiate terms with them. Only for jobs that they are assigned by the Administrator, they can send and access messages and files, approve Status Reports. There is no policy in managing freelancers accounts.
  • There is no communication between the Design (Nottingham) and the manufacturing teams (Leicester). When the marketing team validates a client design request, the request will be sent to the design and creative team in Nottingham. When the design is realised, it will be sent back to the head office for final validation before sending it to the manufacturing team in Leicester. Any communication between the manufacturing an the design team must go through the head office.
  • Both Clients uploaded files and designs are stored in the file server. Some designs include clients photos (e.g., photo Albums design)
  • All company servers (file, email, database, web, radius and FTP servers etc.) are located in the server farm at its head office in London.
  • The other two sites are connected to the head office through leased lines.  Its lower layer networking uses Cisco Routers and switches using the standard Cisco 3 core hierarchy of access, distribution and core layer networking. Each department is in its own VLAN.
  • There is no wireless access point on any sites.
  • The RADIUS server checks user authentication.  Employees can login to the company network by username and password. The only network security technique the current network used is the packet-filter firewall implemented on the edge router.

ELKIN

Figure 1: Old company configuration

 

The company’s ecommerce site is run on a UNIX based web server. It has experienced a number of attacks such as DDOS, man in the middle, packet sniffing and replay attack etc. The company’s ecommerce site is located at the head office. Customer can visit the website by following the link http://www.elkin.com. Recently the web administrator has received complaints from customers that they have received phishing emails with a link to a bogus website. Several customers have fallen for it and clicked the link to login to the bogus website. What’s worse is that some employees’ login detail and customers’ details and files (private photos) were published on a hacker’s website. According to the information published, these were collected through a sniffing attack. These kinds of incidents have seriously damaged the company’s reputation. Also, attackers has been able to intercept some critical documents that the design and creative team was transferring to the FTP server.

Since cloud computing is becoming increasingly popular, the company has decided to move to the cloud to store all their data and operations, they have decided to create their own data center in the head office in London. However there are few concerns about the data security and the access control in the cloud.

The basic requirements are:

  • Robust and secured web server, which can handle all online transactions.
    • Only Marketing department has full access (Write, read, and delete pages) to the webserver.
  • Secured and reliable file server that will store the files uploaded by the clients.
    • Only Sales and management team have access to this server. When an order is sent for design or manufacturing, only associated client files will be sent with the order details in a secured way.
    • The Design and manufacturing team will keep a copy of the client files, and delete them when the order is finalised.
  • Secured and reliable database server, it includes Personnel DB and Sales DB.
    • Only the Finance department has access to the Sales DB.
    • Only HR department has access to the Personnel DB.
  • All sites need to have access to the storage space in the cloud:
    • The design and creative team would like to have a private and highly secured dedicated storage space, which is not available for the other branches.
    • Storage space shared between Finance, Sales and management departments.
  • All the data transfer to the data center must be secured.

 

Please submit the assignment as a single Word/PDF document.

Your report should be around 3000 words. Due to space limitation, your article should be organised and written in an as-precise-as-possible manner.

Please present your report as clearly as possible because it also serves as demonstration of your understanding of the investigated topic which is a requirement for the assignment.

IMPORTANT – you must also suggest a business continuity plan for more secured and reliable architecture.

NOTES:

You must admit any work conducted by other authors but referenced by you in your essay, or else, you may run risk of being charged with plagiarism which, once confirmed, will bring your coursework a mark of Nil. It is quite likely to be found if you simply copy a relevant work of other authors without appropriately acknowledging them by referencing it.

The following is an ‘indicative’ marking scheme and seeks to outline some broad concepts and principles by which the assignment will be marked.

Element Max. Mark in %
Identify the security threat to the current network 20%
Critically analyse the approach of moving to the cloud (small review of threats and security solutions developed) 25%
Propose and justify a security solution. 35%
Structure and presentation of report, grammar, spelling, punctuation etc. 10%
Summary and Conclusions 10%
TOTAL 100%
GRADE

 

 

59

 

 

 

 

 

 

 

 

 

 

 

 

 

50

Knowledge The work is of a good standard in that there is an attempt to present it logically and it is reasonably error-free. It illustrates a good understanding of content as well as issues and problems. There is a little evidence of reading of primary research literature. SECOND DIV 2
Criticality The work has a fairly good level of critical engagement with complex ideas and concepts. There is a fair appreciation of some of the relevant competing perspectives.
Application The work reflects some attempt at applying knowledge in unusual and/or novel circumstances as well as to more typical work-based scenarios.
Evaluation The work shows a fairly good level of evaluation and, perhaps, illustrates a few solution-focused conclusions based on that evaluation.
Communication The work is communicated without very much authority. It requires development to come close to that expected of a professional in the discipline.
 

49

 

 

 

 

 

 

 

 

 

 

 

 

 

 

40

Knowledge Demonstrates a satisfactory level of knowledge, but with little evidence of reading of primary research literature. THIRD
Criticality The work has a fair level of critical engagement with complex ideas and concepts, but here is a little appreciation of the relevant competing perspectives.
Application The work offers limited application of knowledge in unusual and/or novel circumstances but is a little better concerning more typical work-based scenarios.
Evaluation The work shows a fair level of evaluation but rarely illustrates any solution-focused conclusions based on that evaluation.
Communication Although soundly presented, the work lacks authority. Due to some weaknesses in style, it does not come at all close to that expected of a professional in the discipline.
39

 

 

 

 

 

 

 

 

 

 

 

 

 

 

35

Knowledge The work is limited in that it is not logically presented and has errors. It illustrates little understanding of content as well as issues and problems. There is little evidence of any reading of primary research literature. FAIL
Criticality The work lacks much critical engagement with any ideas and concepts. There may be virtually no appreciation of the relevant competing perspectives.
Application The work demonstrates very little attempt at applying knowledge in unusual and/or novel circumstances and is little better concerning more typical work-based scenarios.
Evaluation The work shows inadequate evaluation and does not refer to any solution-focused conclusions based on that evaluation.
Communication The work is communicated in an unacceptable way. It is far from that expected of a professional in the discipline.
34

 

 

 

 

 

 

 

 

 

 

 

 

 

21

Knowledge The work is poor and has a number of errors. It illustrates virtually no understanding of content or of issues and problems. There is almost no evidence of any reading of primary research literature.
Criticality The work lacks critical engagement with ideas and concepts. There is almost no appreciation of the relevant competing perspectives.
Application The work makes almost no attempt at applying knowledge to any work-based scenarios.
Evaluation The work shows virtually no evaluation and hardly refers to any conclusions based around an evaluation.
Communication The work is communicated very poorly. It is not to any graduate standard.
20

 

 

 

 

 

 

 

 

 

 

 

 

5

Knowledge The work is extremely poor and has many errors. It illustrates no understanding of content or of issues and problems. There is no evidence of any reading of primary research literature.
Criticality The work lacks any critical engagement with ideas and concepts. There is no appreciation of the relevant competing perspectives.
Application The work makes no attempt at applying knowledge to any work-based scenarios.
Evaluation The work shows no evaluation and does not refer to any conclusions based around an evaluation.
Communication The work is incoherent and may be scant or severely under-length.
4

 

1

 

Z

 

(0)

Nothing of merit in submitted work.

 

 

 

Where no work has been submitted the NS notation will apply.

 

Z designates work where an academic offence has occurred or been suspected.

 

Style APA Words Count 2940
Download immediately available after purchase